[wp-trac] [WordPress Trac] #43187: Add content filter to make target="_blank" always secure
WordPress Trac
noreply at wordpress.org
Thu Feb 1 12:53:17 UTC 2018
#43187: Add content filter to make target="_blank" always secure
-------------------------+-----------------------------
Reporter: notnownikki | Owner:
Type: enhancement | Status: reopened
Priority: normal | Milestone: Future Release
Component: General | Version:
Severity: normal | Resolution:
Keywords: has-patch | Focuses:
-------------------------+-----------------------------
Comment (by iseulde):
> I think it still makes sense to do the display filters though, because
I'd like to be sure that existing content is made safe too. Does that seem
ok?
I initially thought that sounded good, but it seems we are also only
stripping scripts etc. on save too (not display) and adding another regex
on display will impact performance again (there are quite a few already).
I don't know what's best though. I'm curious what others think.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/43187#comment:19>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list